• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 837
  • Last Modified:

VB.NET sql connection statement syntax question...

I need to query a DB using a variable from a textbox.  The strSearch will hold the string to search for using the LIKE option.

How do I use a variable (strSearch) in the SQL statement with the % wildcard?  

Where (T4.PROJ_ID LIKE %'strSearch'%)  ???  That isn't right...

Is this SQL syntax or VB?

Thanks in advance...
0
Weller0123
Asked:
Weller0123
3 Solutions
 
KarunSKCommented:
Is this what you want?

Dim strWhereClause As String = "Where (T4.PROJ_ID LIKE '%" & strSearch & "%')"

0
 
gregoryyoungCommented:
String WhereClause = "Where T4.PROJ_ID LIKE %" & txtSearch.Text.Replace("'","''") & "%'";

WhereClause = WhereWhere T4.PROJ_ID LIKE '%TEXT%'

that will find anything with txtSearch.text in it ...
use a % for wild chars anywhere in the string

remember to either use the sqltypes or to escape things like ' out of your field otherwise someone can use it to attack your database
0
 
mmarinovCommented:
the one way is to use parameters
if you want to build direct the sql statement
you can use
"select * from T4 where (T4.Proj_ID Like '%" & strSearch & "%')"

hth
b..m
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now